Ransomware Roundup - Underground

    Date: 09/02/2024

    Severity: Critical

    Summary

    Underground ransomware was first seen in early July 2023 on a public file scanning site. This timing aligns with the first victim's data leak on July 13, 2023. Like typical ransomware, it encrypts files on Windows systems and drops ransom notes that demand payment for decryption.

    Indicators of Compromise (IOC) List

    Hash


    Gurucul Threat Detection and Incident Response (TDIR) Queries for Detection

    Hash

    sha256hash IN ("9f702b94a86558df87de316611d9f1bfe99a6d8da9fa9b3d7bb125a12f9ad11f","9543f71d7c4e394223c9d41ccef71541e1f1eb0cc76e8fa0f632b8365069af64","9d41b2f7c07110fb855c62b5e7e330a597860916599e73dd3505694fd1bbe163","d4a847fa9c4c7130a852a2e197b205493170a8b44426d9ec481fc4b285a92666","cc80c74a3592374341324d607d877dcf564d326a1354f3f2a4af58030e716813","eb8ed3b94fa978b27a02754d4f41ffc95ed95b9e62afb492015d0eb25f89956f")

    Reference:

    https://www.fortinet.com/blog/threat-research/ransomware-roundup-underground 


    Tags

    Malware, Ransomware
